General discussion


Internet Security: OpenBSD IPSec VPN

By discussion ·
In this week's Internet Security Focus TechMails column, Jonathan Yarden discusses using OpenBSD to implement an IPSec VPN. Have you used OpenBSD, or something like it? What did you use the open source operating system for? How did it work for you?
If you'd like to learn more about the Internet Security Focus TechMail, point to this link and click Internet Security Focus to see a sample. If you're interested, you can also sign up:

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Big fan of linux VPN's

by LordInfidel In reply to Internet Security: OpenBS ...

While it takes a litle more to set up. The price is well worth it.

Did'nt read the article, but I can only assume that FreeS/Wan was mentioned.

Collapse -

Interesting, where to learn more?

by David Cove In reply to Internet Security: OpenBS ...

Interesting reading, where can I learn more about using IPSEC as you did?

Anyone know of a liveCD for BSD that will do this and operate as well as Knoppix does for Linux?

Collapse -


by listings In reply to Internet Security: OpenBS ...

Nice to read this story about VPN and the hospitals. But since Jonathan Yarden was not allowed to change anything on the Firewalls how could he setup the VPN connections? Did the Firewall IPSec passthough by default? This is unclear for me after reading his article.

Biton Walstra.

Collapse -

Did it without changing firewall?

by bcontario In reply to Internet Security: OpenBS ...

Ok, so cool story, but what about the "management at both hospitals forbid changes to the firewall to support the application". It sounds like they did after all make changes to support the application, but just not in the way they may have originally thought. I'm sure at least one side had to change to allow an inbound IPSec connection unless you established an outside "bridge" machine that allows both sites to make outbound connections to a single external machine (but probably not).

So, this may be a "free" solution, but it is likely that people still have to be willing to make changes to their firewalls to implement this, and hopefully management is open-minded enough to allow the needed changes.

Related Discussions

Related Forums